Generated names and potential collisions in shared infrastructure

[soerenschneider]

When running Demo1 step 2 I noticed the generated cluster's name is hmc-system-aws-test1. In my current understanding, we'll likely share a common AWS account.

Given that assumption, wouldn't we need to introduce some pseudo randomness into the generated resource names on AWS to provide collisions? Thinking about cluster names, but also overlapping subnets. Not sure about account quotas but that could also be a future problem.

[Schnitzel]

yea, great point, I was wondering about this as well. Maybe we could add some kind of hash to each clustername based on the hostname of the computer we are running the demo?

[soerenschneider]

I added a POC in this commit, please let me know what you think.

My assumption was that I want to use a pseudo random string, only using docker to not have to support multiple OSes. The file is stored within the repo (outside of git, hence the entry in .gitignore) and can be used in appropriate targets.

[Algeran]

Another approach, this is how I implemented it in the GitOps demo repo:

• as unique prefix I use username environment variable that must be set by user before demo, example in templates
• check env variable logic here + here + and before manifests generation (e.g. .check-variable-username)

So, it forces user to define the USERNAME environment variable and fails it it's not. Username allows cloud administrators to easily check owners of the created resources instead of discovering by randomly generated suffixes